Police Agencies Are Getting Cozy with Private Security Companies

Law enforcement agencies and cybersecurity companies are working together closer than ever.

Just last week, it was revealed Dutch police had heavily relied on Russian firm Kaspersky to catch a couple of ransomware suspects, and newly released emails show how cops from Florida couldn't "survive" without tools provided by controversial Italian surveillance software company Hacking Team. Elsewhere, Russian company Group-IB penned a cooperation agreement with Europol's cybercrime agency, and a collective of law enforcement bodies and private outfits worked together to shutdown the notorious GameOver Zeus botnet.

Now, the UK's National Crime Agency (NCA) wants to get its officers to "colocate" with those in private firms in order to tackle cybercrime. At the same time, one person who has crossed paths with the NCA has criticised the agency for its apparently low technical capabilities.

Last week during a keynote address at Cloudsec, the NCA's National Cyber Crime Unit (NCCU) Head of Strategy, Partnerships, and Transformation Oliver Gower said that a relationship similar to the Five Eyes spy group—made of up intelligence agencies from the United States and other countries—could be formed by the NCA to address the rising tide of cybercrime, The Register reported.

Gower also said he is interested in the US's National Cyber-Forensics and Training Alliance (NCFTA), which physically places law enforcement and private cybersecurity workers side-by-side.

But the NCA has previously teamed up with private companies.

"For operational reasons it would be wrong to comment on specific initiatives, but the NCA already works alongside a number of industry partners to tackle the threat of cyber crime," an NCA spokesperson told Motherboard in an email. "This includes chairing a strategic industry group that includes retail, IT security and financial partners amongst others. We also draw upon the expertise of industry professionals through the recruitment of NCA Specials."

Indeed, back in June, Andy Archibald, head of the NCCU, told the BBC that the agency had enlisted Intel Security and Trend Micro as part of "virtual threat teams" in order to provide a global view of cybercrime.

"We recognise the industry's visibility of the cyber crime threat and their ability to form part of the response. It is by working together—combining law enforcement and industry's complementary capabilities—that we can maximise our impact on the threat," an NCA spokesperson told Motherboard in an email.

For the NCA, industry collaborations have been pretty effective, although it's not clear whether this applies specifically to the Intel Security and Trend Micro deals. "These relationships have been central to many of our successes against cyber criminals to date and we are looking to strengthen these ties, bringing their expertise further into our operational planning," the spokesperson added.

But one person who has crossed paths with the NCA said the agency's own technical abilities are pretty poor, something that could arguably be solved by greater involvement with private companies.

The source, who spoke to Motherboard under the condition of anonymity, said that someone under investigation by the NCA "encrypted a USB stick using Truecrypt. The password length was 7 characters long and was a dictionary word, something you should be able to crack quite swiftly using modern hardware. Yet the NCA were unable to decrypt it." The source added that he thinks the NCA forensics team is a complete "shambles."

In response to this specific claim, an NCA spokesperson said that "we as a matter of course don't comment on ongoing investigations."

But as the relationship between the NCA and private companies becomes tighter, perhaps the agency will become even more effective at clamping down on cybercrime.